PT-2026-42744 · Ster · Ster

Michelin Cert

·

Published

2026-05-22

·

Updated

2026-05-22

·

CVE-2026-25608

CVSS v4.0

2.3

Low

VectorAV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions STER versions prior to 9.5
Description STER uses unencrypted TCP traffic to transmit data over the network. This allows an attacker to conduct a Man-In-The-Middle attack—a technique where an attacker intercepts communication between two parties—to obtain sensitive data such as passwords, personal data, or authentication tokens.
Recommendations Update to version 9.5.

Fix

Cleartext Transmission of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-25608

Affected Products

Ster